You searched for cloud | Page 100 of 112 | The Security Ledger with Paul F. Roberts

Search Results for "cloud"

This Week In Security: Ebay’s School of Hard Knocks

June 1, 2014 Paul Roberts

It’s the end of another busy week in the security world. As we’re wont to do at The Security Ledger, we had DUO Security Evangelist Mark Stanislav in to the deluxe Security Ledger Studios to talk about the events of the week. On the agenda this week: the continued fallout from the hack of online auction giant eBay. The company ran into a thicket of criticism this week for the breach and its botched response. Despite knowing about the security breach for weeks, eBay seemed unprepared for the fallout once the news became public. Beyond its statements to the press, the company hadn’t taken steps to streamline the (inevitable) flood of customers who wanted to update their password. In fact, more than a day after the news broke, eBay still hadn’t made mention of it on their home page. What lessons can we learn from the breach at online auction […]

Podcast: Is Defense-In-Depth The Only Real Heartbleed Fix?

May 30, 2014 Paul Roberts

Like everyone else, we wrote extensively in the last month about the serious security vulnerability in OpenSSL dubbed “Heartbleed,” which affected many of the world’s leading web sites and services, including Facebook and Google. The large-type headlines about Heartbleed have passed. But that doesn’t mean that the danger has. As we have noted, we are entering a phase that might be considered Heartbleed’s ‘long tail.’ Most of the well-trafficked websites that were vulnerable to Heartbleed have gotten around to fixing the vulnerability. But public-facing web servers are only the beginning of the story for OpenSSL. Chasing down the vulnerability’s long tail in third-party applications and on internal web sites and applications is a much larger task. As I’ve noted: open source components make their way into all manner of applications and bespoke products these days, often without any effort to assess the security of the borrowed code. For companies that need to protect critical IT […]

iPhone and iPad Hijacking: What You Need To Know

May 28, 2014 Paul Roberts

The past 24 hours has seen a spate of stories warning about a spate of ‘ransomware’ attacks on iPhones and iPads – especially in the the UK and Australia. According to the reports, compromised devices are locked and owners are instructed to email a ransom (variously: $100, $50, €100) to one “Oleg Pliss” to have their devices unlocked. These attacks aren’t really news. In fact, the Oleg Pliss scam appears to have been circulating for close to six months. However, it’s worthwhile reviewing what we do (and don’t) know about these latest attacks on mobile devices. Accordingly, Security Ledger has put together a short FAQ that tells you what you need to know about the latest mobile scam, and to dispel some of the rumors floating around in the Internet ether. What’s Going On? According to news reports and complaints on Apple Support forums, owners of iPhones and iPads are having their devices locked. […]

Pew: IoT Will Take Off By 2025, Despite Security Woes

May 15, 2014 Paul Roberts

A survey of technology experts by the Pew Research Center and Elon University predicts that the Internet of Things will take off in the next decade despite serious concerns about the security of IoT devices and the data they hold. The IoT will gain wide adoption in the next decade, with the result that many aspects of day-to-day life will be transformed by a combination of inexpensive sensors, cloud based computing and data analytics. The report cites a number of likely innovations that will become commonplace by 2025 – from “smart” food products that can report when they are exhausted or spoiled, to smart roads and infrastructure to “subcutaneous sensors or chips that provide patients’ real-time vital signs to self-trackers and medical providers.” The Pew Center canvassed more than 1600 technology leaders and analysts about the Internet of Things and published the findings of the survey on Wednesday. The survey population included […]

Cisco: Internet of Things Tips Scales In Favor Of Bad Guys?

April 27, 2014 Paul Roberts

A week from this Wednesday, the Security Ledger is hosting The Security of Things Forum: a day-long event in Cambridge, Massachusetts, that will explore the challenges of securing a global network of hundreds of billions of Internet connected devices. [Register here for The Security of Things Forum – Security and Internet of Things: May 7, Cambridge, MA] One of the big issues that we’ll be tackling is how the Internet of Things (or IoT) changes the security paradigm for enterprises and other large, IT-dependent organizations. Needless to say: the corporate network environment of 2020 won’t bear much resemblance to the network of 2000. But what kinds of tools and technologies will be needed to secure that environment and identify threats to the data stored on it? What security tools and strategies will go the way of the typewriter? What areas will require more investment? So far, the focus of discussions about IoT […]